Don't redirect to /login if authentication is required
We can just serve the login page in place.
This commit is contained in:
parent
13f0b54c49
commit
12ca755bea
3 changed files with 24 additions and 19 deletions
|
@ -75,7 +75,7 @@ sub logout_GET {
|
||||||
sub persona_login :Path('/persona-login') Args(0) {
|
sub persona_login :Path('/persona-login') Args(0) {
|
||||||
my ($self, $c) = @_;
|
my ($self, $c) = @_;
|
||||||
$c->stash->{json} = {};
|
$c->stash->{json} = {};
|
||||||
die if $c->request->method ne "POST";
|
requirePost($c);
|
||||||
|
|
||||||
my $assertion = $c->req->params->{assertion} or die;
|
my $assertion = $c->req->params->{assertion} or die;
|
||||||
|
|
||||||
|
@ -85,10 +85,10 @@ sub persona_login :Path('/persona-login') Args(0) {
|
||||||
{ assertion => $assertion,
|
{ assertion => $assertion,
|
||||||
audience => "http://localhost:3000/"
|
audience => "http://localhost:3000/"
|
||||||
});
|
});
|
||||||
Catalyst::Exception->throw("Did not get a response from Persona.") unless $response->is_success;
|
error($c, "Did not get a response from Persona.") unless $response->is_success;
|
||||||
|
|
||||||
my $d = decode_json($response->decoded_content) or die;
|
my $d = decode_json($response->decoded_content) or die;
|
||||||
Catalyst::Exception->throw("Persona says: $d->{reason}") if $d->{status} ne "okay";
|
error($c, "Persona says: $d->{reason}") if $d->{status} ne "okay";
|
||||||
|
|
||||||
my $email = $d->{email} or die;
|
my $email = $d->{email} or die;
|
||||||
|
|
||||||
|
@ -106,6 +106,16 @@ sub persona_login :Path('/persona-login') Args(0) {
|
||||||
$c->set_authenticated($user);
|
$c->set_authenticated($user);
|
||||||
|
|
||||||
$c->stash->{json}->{result} = "ok";
|
$c->stash->{json}->{result} = "ok";
|
||||||
|
$c->flash->{flashMsg} = "You are now signed in as <tt>" . $email . "</tt>";
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
sub persona_logout :Path('/persona-logout') Args(0) {
|
||||||
|
my ($self, $c) = @_;
|
||||||
|
$c->stash->{json} = {};
|
||||||
|
requirePost($c);
|
||||||
|
$c->flash->{flashMsg} = "You are no longer signed in." if $c->user_exists();
|
||||||
|
$c->logout;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -89,7 +89,8 @@ sub getPreviousSuccessfulBuild {
|
||||||
|
|
||||||
|
|
||||||
sub error {
|
sub error {
|
||||||
my ($c, $msg) = @_;
|
my ($c, $msg, $status) = @_;
|
||||||
|
$c->response->status($status) if defined $status;
|
||||||
$c->error($msg);
|
$c->error($msg);
|
||||||
$c->detach; # doesn't return
|
$c->detach; # doesn't return
|
||||||
}
|
}
|
||||||
|
@ -97,8 +98,7 @@ sub error {
|
||||||
|
|
||||||
sub notFound {
|
sub notFound {
|
||||||
my ($c, $msg) = @_;
|
my ($c, $msg) = @_;
|
||||||
$c->response->status(404);
|
error($c, $msg, 404);
|
||||||
error($c, $msg);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -113,8 +113,7 @@ sub backToReferer {
|
||||||
sub requireLogin {
|
sub requireLogin {
|
||||||
my ($c) = @_;
|
my ($c) = @_;
|
||||||
$c->session->{referer} = $c->request->uri;
|
$c->session->{referer} = $c->request->uri;
|
||||||
$c->response->redirect($c->uri_for('/login'));
|
error($c, "This page requires you to sign in.", 403);
|
||||||
$c->detach; # doesn't return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -130,24 +129,21 @@ sub requireProjectOwner {
|
||||||
|
|
||||||
requireLogin($c) if !$c->user_exists;
|
requireLogin($c) if !$c->user_exists;
|
||||||
|
|
||||||
error($c, "Only the project members or administrators can perform this operation.")
|
error($c, "Only the project members or administrators can perform this operation.", 403)
|
||||||
unless isProjectOwner($c, $project);
|
unless isProjectOwner($c, $project);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
sub isAdmin {
|
sub isAdmin {
|
||||||
my ($c) = @_;
|
my ($c) = @_;
|
||||||
|
|
||||||
return $c->user_exists && $c->check_user_roles('admin');
|
return $c->user_exists && $c->check_user_roles('admin');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
sub requireAdmin {
|
sub requireAdmin {
|
||||||
my ($c) = @_;
|
my ($c) = @_;
|
||||||
|
|
||||||
requireLogin($c) if !$c->user_exists;
|
requireLogin($c) if !$c->user_exists;
|
||||||
|
error($c, "Only administrators can perform this operation.", 403)
|
||||||
error($c, "Only administrators can perform this operation.")
|
|
||||||
unless isAdmin($c);
|
unless isAdmin($c);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -121,12 +121,11 @@
|
||||||
.fail(function() { bootbox.alert("Server request failed!"); });
|
.fail(function() { bootbox.alert("Server request failed!"); });
|
||||||
},
|
},
|
||||||
onlogout: function() {
|
onlogout: function() {
|
||||||
$.ajax({
|
$.post("[% c.uri_for('/persona-logout') %]")
|
||||||
type: 'POST',
|
.done(function(data) {
|
||||||
url: '/logout',
|
window.location.reload();
|
||||||
success: function(res, status, xhr) { window.location.reload(); },
|
})
|
||||||
error: function(xhr, status, err) { alert("Logout failure: " + err); }
|
.fail(function() { bootbox.alert("Server request failed!"); });
|
||||||
});
|
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue